From f20aadb7451b77e8f1b9a42873aa317331b56c03 Mon Sep 17 00:00:00 2001 From: ZacharyZcR <2903735704@qq.com> Date: Wed, 15 Jan 2025 15:10:01 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20=E9=BB=98=E8=AE=A4=E4=B8=8D?= =?UTF-8?q?=E5=BC=80=E5=90=AF=E8=BF=9B=E5=BA=A6=E6=9D=A1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Common/Config.go | 12 +++++----- Common/Flag.go | 2 +- Core/Scanner.go | 2 +- WebScan/lib/Check.go | 54 ++++++++++++++++++++++++++++++-------------- 4 files changed, 45 insertions(+), 25 deletions(-) diff --git a/Common/Config.go b/Common/Config.go index a635796..e819430 100644 --- a/Common/Config.go +++ b/Common/Config.go @@ -930,12 +930,12 @@ var ( EnableWmi bool // 原IsWmi // 输出配置 - DisableSave bool // 禁止保存结果 - Silent bool // 静默模式 - NoColor bool // 禁用彩色输出 - JsonFormat bool // JSON格式输出 - LogLevel string // 日志输出级别 - NoProgress bool // 禁用进度条显示 + DisableSave bool // 禁止保存结果 + Silent bool // 静默模式 + NoColor bool // 禁用彩色输出 + JsonFormat bool // JSON格式输出 + LogLevel string // 日志输出级别 + ShowProgress bool // 是否显示进度条 ) var ( diff --git a/Common/Flag.go b/Common/Flag.go index b96db28..1dd8f9e 100644 --- a/Common/Flag.go +++ b/Common/Flag.go @@ -166,7 +166,7 @@ func Flag(Info *HostInfo) { flag.BoolVar(&NoColor, "nocolor", false, "禁用彩色输出显示") flag.BoolVar(&JsonFormat, "json", false, "以JSON格式输出结果") flag.StringVar(&LogLevel, "log", LogLevelInfo, "日志输出级别(ALL/SUCCESS/ERROR/INFO/DEBUG)") - flag.BoolVar(&NoProgress, "nopg", false, "禁用进度条显示") + flag.BoolVar(&ShowProgress, "pg", false, "开启进度条显示") flag.Parse() } diff --git a/Core/Scanner.go b/Core/Scanner.go index 40be0cc..8e1b7c1 100644 --- a/Core/Scanner.go +++ b/Core/Scanner.go @@ -285,7 +285,7 @@ func executeScans(targets []Common.HostInfo, ch *chan struct{}, wg *sync.WaitGro Common.LogInfo(fmt.Sprintf("加载的插件: %s", strings.Join(finalPlugins, ", "))) // 初始化进度条 - if !Common.NoProgress { + if Common.ShowProgress { Common.ProgressBar = progressbar.NewOptions(actualTasks, progressbar.OptionEnableColorCodes(true), progressbar.OptionShowCount(), diff --git a/WebScan/lib/Check.go b/WebScan/lib/Check.go index 4506b57..860f289 100644 --- a/WebScan/lib/Check.go +++ b/WebScan/lib/Check.go @@ -37,7 +37,7 @@ func CheckMultiPoc(req *http.Request, pocs []*Poc, workers int) { workers = 1 // 确保至少有一个工作协程 } - tasks := make(chan Task, len(pocs)) // 使用带缓冲的通道,避免阻塞 + tasks := make(chan Task, len(pocs)) var wg sync.WaitGroup // 启动工作协程池 @@ -49,30 +49,50 @@ func CheckMultiPoc(req *http.Request, pocs []*Poc, workers int) { wg.Done() continue } - details := func(enable bool) string { - data := "" - if !enable { - return data - } + + if isVulnerable { + // 构造详细信息 + details := make(map[string]interface{}) + details["vulnerability_type"] = task.Poc.Name + details["vulnerability_name"] = vulName + if task.Poc.Detail.Author != "" { - data += "\tauthor:" + task.Poc.Detail.Author + "\n" + details["author"] = task.Poc.Detail.Author } - if len(task.Poc.Detail.Links) != 0 || task.Poc.Detail.Links != nil { - data += "\tlinks:" + strings.Join(task.Poc.Detail.Links, "\n") + "\n" + if len(task.Poc.Detail.Links) != 0 { + details["references"] = task.Poc.Detail.Links } if task.Poc.Detail.Description != "" { - data += "\tdescription:" + task.Poc.Detail.Description + "\n" + details["description"] = task.Poc.Detail.Description } - return data - }(true) - if isVulnerable { - result := fmt.Sprintf("目标: %s\n 漏洞类型: %s\n 漏洞名称: %s\n 详细信息: %s", + + // 保存漏洞结果 + result := &Common.ScanResult{ + Time: time.Now(), + Type: Common.VULN, + Target: task.Req.URL.String(), + Status: "vulnerable", + Details: details, + } + Common.SaveResult(result) + + // 控制台输出 + logMsg := fmt.Sprintf("目标: %s\n 漏洞类型: %s\n 漏洞名称: %s\n 详细信息:", task.Req.URL, task.Poc.Name, - vulName, - details) + vulName) - Common.LogSuccess(result) + if task.Poc.Detail.Author != "" { + logMsg += "\n\tauthor:" + task.Poc.Detail.Author + } + if len(task.Poc.Detail.Links) != 0 { + logMsg += "\n\tlinks:" + strings.Join(task.Poc.Detail.Links, "\n") + } + if task.Poc.Detail.Description != "" { + logMsg += "\n\tdescription:" + task.Poc.Detail.Description + } + + Common.LogSuccess(logMsg) } wg.Done() }